Fortinet Exam NSE8_811 Topic 1 Question 48 Discussion

Actual exam question for Fortinet's NSE8_811 exam

Question #: 48
Topic #: 1

You configured a firewall policy with only a Web filter profile for accessing the Internet. Access to websites belonging to the "Information Technology" category are blocked and to the "Business" category are allowed. SSL deep inspection is not enabled on this policy.

A user wants to access the website https://www.it-acme.com which presents a certificate with CN=www.acme.com. The it-acme.com domain is categorized as "Information Technology" and the acme.com domain is categorized as "Business".

Which statement regarding this scenario is correct?

AThe FortiGate is able to read the URL within HTTPS sessions when using SSL certificate inspection so the website will be blocked by the 'Information Technology'.

BThe website will be blocked by category 'Information Technology' as the SNI takes precedence over the certificate name.

CThe website will be allowed by category 'Business' as the certificate name takes precedence over the
URL.

DOnly with SSL deep inspection enabled will the FortiGate be able to categorized this website.

Show Suggested Answer

Suggested Answer: B

by Lettie at Sep 16, 2022, 06:16 AM

Limited Time Offer

25%

Off

Get Premium NSE8_811 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!